class iaas::role::controller (
##CEPH Secrets override
$ceph_secret_client_glance = 'AQBgGdJUCPwjLRAARZ0KEaxewYcYHT3j5Gl5Cg==',
$ceph_secret_client_cinder = 'AQAvxQpVKJ03KxAADFv78tedrAWZx1SoRdsQUA==',
$ceph_secret_client_cinderbackup = 'AQBKvuVUMHvaGhAADT6nvBv9LFs7dqpB8Kis0Q==',
##CEPH - no override
$fsid = $iaas::params::ceph_fsid,
# Uncomment if auth_type is different from 'cephx'
#authentication_type = $iaas::params::ceph_authentication_type,
$mon_initial_members = $iaas::params::ceph_mon_initial_members,
$mon_host = $iaas::params::ceph_on_host,
$osd_pool_default_pg_num = $iaas::params::ceph_osd_pool_default_pg_num,
$osd_pool_default_pgp_num = $iaas::params::ceph_osd_pool_default_pgp_num,
$osd_pool_default_size = $iaas::params::ceph_osd_pool_default_size,
$osd_pool_default_min_size = $iaas::params::ceph_osd_pool_default_min_size,
$cluster_network = $iaas::params::ceph_cluster_network,
$public_network = $iaas::params::ceph_public_network,
$osd_journal_size = $iaas::params::ceph_osd_journal_size,
##ADMIN credentails
$admin_token = '12345678901234567890',
$admin_email = 'admin@mail',
$admin_password = '<ADMIN_PASSWORD>',
$admin_tenant = 'admin',
##Tenants&Users - override
$tenants = {'test'=> { description => 'OCP in HA'}},
$users = {'guest' => {password => 'pippo', tenant => 'test', email => 'alessandro.costantini@cnaf.infn.it' }},
##Cinder - override
$cinder_volume_size = '8G',
##Neutron - override
#Network1 - external
$neutron_external_network1 = '10.10.98.0/24',
$neutron_external_gateway1 = '10.10.98.1',
$neutron_network_external1_ippool_start = '10.10.98.121',
$neutron_network_external1_ippool_end = '10.10.98.125',
$neutron_network_neutron_private1 = '10.0.1.0/24',
#Network2 - external
$neutron_external_network2 = '10.10.99.0/24',
$neutron_external_gateway2 = '10.10.99.1',
$neutron_network_external2_ippool_start = '10.10.99.81',
$neutron_network_external2_ippool_end = '10.10.99.83',
$neutron_network_neutron_private2 = '10.0.2.0/24',
){
ceph::key {
'client.glance':
secret => $ceph_secret_client_glance,
cap_mon => 'allow r',
cap_osd => 'allow class-read object_prefix rbd_children, allow rwx pool=images',
user => 'glance',
group => 'glance',
mode => '0550';
'client.cinder':
secret => $ceph_secret_client_cinder,
cap_mon => 'allow r',
cap_osd => 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images',
user => 'cinder',
group => 'cinder',
mode => '0550';
'client.cinder-backup':
secret => $ceph_secret_client_cinder,
cap_mon => 'allow r',
cap_osd => 'allow class-read object_prefix rbd_children, allow rwx pool=backups',
user => 'cinder',
group => 'cinder',
mode => '0550',
}
# Classes
class { 'iaas::profile::base':
dns_servers => $iaas::params::dns_servers,
dns_searchdomain => $iaas::params::dns_searchdomain,
} ->
class { 'iaas::profile::database-client': } ->
class { 'iaas::profile::keystone':
tenants => $tenants,
users => $users,
admin_token => $admin_token,
admin_email => $admin_email,
admin_password => $admin_password,
admin_tenant => $admin_tenant,
verbose => $iaas::params::verbose,
debug => $iaas::params::debug,
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
region => $iaas::params::region,
endpoint_main => $iaas::params::main_address,
endpoint_admin => $iaas::params::admin_address,
rhosts => $iaas::params::rhmk_ips,
rabbitmq_user => $iaas::params::rabbit_user,
rabbitmq_password => $iaas::params::rabbit_password,
} ~>
class { 'iaas::profile::glance':
password => $iaas::params::openstack_glance_password,
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
verbose => $iaas::params::verbose,
debug => $iaas::params::debug,
region => $iaas::params::region,
endpoint_main => $iaas::params::main_address,
endpoint_admin => $iaas::params::admin_address,
rhosts => $iaas::params::rhmk_ips,
rabbitmq_user => $iaas::params::rabbit_user,
rabbitmq_password => $iaas::params::rabbit_password,
} ->
class { 'iaas::profile::cinder':
password => $iaas::params::openstack_cinder_password,
secret => $iaas::params::openstack_cinder_secret,
volume_size => $cinder_volume_size,
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
verbose => $iaas::params::verbose,
debug => $iaas::params::debug,
region => $iaas::params::region,
endpoint_main => $iaas::params::main_address,
endpoint_admin => $iaas::params::admin_address,
rhosts => $iaas::params::rhmk_ips,
rabbitmq_user => $iaas::params::rabbit_user,
rabbitmq_password => $iaas::params::rabbit_password,
} ->
##NEW-CEPH
class {'ceph::profile::params':
fsid => $fsid,
# Uncomment if auth_type is different from 'cephx'
#authentication_type => 'cephx',
mon_initial_members => $mon_initial_members,
mon_host => $mon_host,
osd_pool_default_pg_num => $osd_pool_default_pg_num,
osd_pool_default_pgp_num => $osd_pool_default_pgp_num,
osd_pool_default_size => $osd_pool_default_size,
osd_pool_default_min_size => $osd_pool_default_min_size,
cluster_network => $cluster_network,
public_network => $public_network,
mon_key => $mon_key,
osd_journal_size => $osd_journal_size,
} ->
class { 'ceph::profile::base': } ->
class { 'ceph::profile::client': } ->
class { 'ceph::keys': } ->
#
class { 'iaas::profile::nova::controller':
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
password => $iaas::params::openstack_nova_password,
neutron_secret => $iaas::params::openstack_neutron_secret,
neutron_password => $iaas::params::openstack_neutron_password,
region => $iaas::params::region,
endpoint_main => $iaas::params::main_address,
endpoint_admin => $iaas::params::admin_address,
} ->
class { 'iaas::profile::neutron::server':
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
neutron_password => $iaas::params::openstack_neutron_password,
nova_password => $iaas::params::openstack_nova_password,
region => $iaas::params::region,
endpoint_main => $iaas::params::main_address,
endpoint_admin => $iaas::params::admin_address,
} ->
class { 'iaas::profile::ceilometer::controller':
coordination_ip => $iaas::params::rhmk_ips,
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
password => $iaas::params::openstack_ceilometer_password,
region => $iaas::params::region,
endpoint_main => $iaas::params::main_address,
endpoint_admin => $iaas::params::admin_address,
} ->
class { 'iaas::profile::heat':
password => $iaas::params::openstack_heat_password,
encryption_key => $iaas::params::openstack_heat_encryption_key,
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
verbose => $iaas::params::verbose,
debug => $iaas::params::debug,
region => $iaas::params::region,
endpoint_main => $iaas::params::main_address,
endpoint_admin => $iaas::params::admin_address,
rhosts => $iaas::params::rhmk_ips,
rabbitmq_user => $iaas::params::rabbit_user,
rabbitmq_password => $iaas::params::rabbit_password,
} ->
class { 'iaas::profile::horizon':
secret => $iaas::params::openstack_horizon_secret,
endpoint_address => $iaas::params::main_hostname,
endpoint_servers => $iaas::params::rhmk_hostnames,
public_interface => $iaas::params::public_interface,
admin_interface => $iaas::params::admin_interface,
} ->
class { 'iaas::setup::sharednetwork':
external_network1 => $neutron_external_network1,
gateway1 => $neutron_external_gateway1,
start_ip1 => $neutron_network_external1_ippool_start,
end_ip1 => $neutron_network_external1_ippool_end,
private_network1 => $neutron_network_neutron_private1,
external_network2 => $neutron_external_network2,
gateway2 => $neutron_external_gateway2,
start_ip2 => $neutron_network_external2_ippool_start,
end_ip2 => $neutron_network_external2_ippool_end,
private_network2 => $neutron_network_neutron_private2,
dns => $iaas::params::dns_servers,
} ->
class { 'iaas::profile::auth_file':
admin_password => $admin_password,
admin_tenant => $admin_tenant,
region => $iaas::params::region,
endpoint_hostname => $iaas::params::main_hostname,
}
}